static void
join_show_prompt (GisAccountPageEnterprise *page,
GError *error)
{
GisAccountPageEnterprisePrivate *priv = gis_account_page_enterprise_get_instance_private (page);
UmRealmKerberosMembership *membership;
UmRealmKerberos *kerberos;
gchar hostname[128];
const gchar *name;
gtk_entry_set_text (GTK_ENTRY (priv->join_password), "");
gtk_widget_grab_focus (GTK_WIDGET (priv->join_password));
kerberos = um_realm_object_get_kerberos (priv->realm);
membership = um_realm_object_get_kerberos_membership (priv->realm);
gtk_label_set_text (GTK_LABEL (priv->join_domain),
um_realm_kerberos_get_domain_name (kerberos));
if (gethostname (hostname, sizeof (hostname)) == 0)
gtk_entry_set_text (GTK_ENTRY (priv->join_computer), hostname);
clear_entry_validation_error (GTK_ENTRY (priv->join_name));
clear_entry_validation_error (GTK_ENTRY (priv->join_password));
if (!priv->join_prompted) {
name = um_realm_kerberos_membership_get_suggested_administrator (membership);
if (name && !g_str_equal (name, "")) {
g_debug ("Suggesting admin user: %s", name);
gtk_entry_set_text (GTK_ENTRY (priv->join_name), name);
} else {
gtk_widget_grab_focus (GTK_WIDGET (priv->join_name));
}
} else if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_HOSTNAME)) {
g_debug ("Bad host name: %s", error->message);
set_entry_validation_error (GTK_ENTRY (priv->join_computer), error->message);
} else if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD)) {
g_debug ("Bad admin password: %s", error->message);
set_entry_validation_error (GTK_ENTRY (priv->join_password), error->message);
} else {
g_debug ("Admin login failure: %s", error->message);
g_dbus_error_strip_remote_error (error);
set_entry_validation_error (GTK_ENTRY (priv->join_name), error->message);
}
g_debug ("Showing admin password dialog");
gtk_window_set_transient_for (GTK_WINDOW (priv->join_dialog),
GTK_WINDOW (gtk_widget_get_toplevel (GTK_WIDGET (page))));
gtk_window_set_modal (GTK_WINDOW (priv->join_dialog), TRUE);
gtk_window_present (GTK_WINDOW (priv->join_dialog));
priv->join_prompted = TRUE;
g_object_unref (kerberos);
g_object_unref (membership);
/* And now we wait for on_join_response() */
}
gboolean
um_realm_join_finish (UmRealmObject *realm,
GAsyncResult *result,
GError **error)
{
UmRealmKerberosMembership *membership;
GError *call_error = NULL;
gchar *dbus_error;
GAsyncResult *async;
g_return_val_if_fail (UM_REALM_IS_OBJECT (realm), FALSE);
g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
membership = um_realm_object_get_kerberos_membership (realm);
g_return_val_if_fail (membership != NULL, FALSE);
async = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
um_realm_kerberos_membership_call_join_finish (membership, async, &call_error);
g_object_unref (membership);
if (call_error == NULL)
return TRUE;
dbus_error = g_dbus_error_get_remote_error (call_error);
if (dbus_error == NULL) {
g_debug ("Join() failed because of %s", call_error->message);
g_propagate_error (error, call_error);
return FALSE;
}
g_dbus_error_strip_remote_error (call_error);
if (g_str_equal (dbus_error, "org.freedesktop.realmd.Error.AuthenticationFailed")) {
g_debug ("Join() failed because of invalid/insufficient credentials");
g_set_error (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_LOGIN,
"%s", call_error->message);
g_error_free (call_error);
} else if (g_str_equal (dbus_error, "org.freedesktop.realmd.Error.BadHostname")) {
g_debug ("Join() failed because of invalid/conflicting host name");
g_set_error (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_HOSTNAME,
"%s", call_error->message);
g_error_free (call_error);
} else {
g_debug ("Join() failed because of %s", call_error->message);
g_propagate_error (error, call_error);
}
g_free (dbus_error);
return FALSE;
}
static void
join_show_prompt (UmAccountDialog *self,
GError *error)
{
UmRealmKerberosMembership *membership;
UmRealmKerberos *kerberos;
const gchar *name;
gtk_entry_set_text (self->join_password, "");
gtk_widget_grab_focus (GTK_WIDGET (self->join_password));
kerberos = um_realm_object_get_kerberos (self->selected_realm);
membership = um_realm_object_get_kerberos_membership (self->selected_realm);
gtk_label_set_text (self->join_domain,
um_realm_kerberos_get_domain_name (kerberos));
clear_entry_validation_error (self->join_name);
clear_entry_validation_error (self->join_password);
if (!self->join_prompted) {
name = um_realm_kerberos_membership_get_suggested_administrator (membership);
if (name && !g_str_equal (name, "")) {
g_debug ("Suggesting admin user: %s", name);
gtk_entry_set_text (self->join_name, name);
} else {
gtk_widget_grab_focus (GTK_WIDGET (self->join_name));
}
} else if (g_error_matches (error, UM_REALM_ERROR, UM_REALM_ERROR_BAD_PASSWORD)) {
g_debug ("Bad admin password: %s", error->message);
set_entry_validation_error (self->join_password, error->message);
} else {
g_debug ("Admin login failure: %s", error->message);
g_dbus_error_strip_remote_error (error);
set_entry_validation_error (self->join_name, error->message);
}
g_debug ("Showing admin password dialog");
gtk_window_set_transient_for (GTK_WINDOW (self->join_dialog), GTK_WINDOW (self));
gtk_window_set_modal (GTK_WINDOW (self->join_dialog), TRUE);
gtk_window_present (GTK_WINDOW (self->join_dialog));
self->join_prompted = TRUE;
g_object_unref (kerberos);
g_object_unref (membership);
/* And now we wait for on_join_response() */
}
static gboolean
realm_join_as_owner (UmRealmObject *realm,
const gchar *owner,
const gchar *login,
const gchar *password,
GBytes *credentials,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
UmRealmKerberosMembership *membership;
GSimpleAsyncResult *async;
GVariant *contents;
GVariant *options;
GVariant *option;
GVariant *creds;
const gchar *type;
membership = um_realm_object_get_kerberos_membership (realm);
g_return_val_if_fail (membership != NULL, FALSE);
type = find_supported_credentials (membership, owner);
if (type == NULL) {
g_debug ("Couldn't find supported credential type for owner: %s", owner);
g_object_unref (membership);
return FALSE;
}
async = g_simple_async_result_new (G_OBJECT (realm), callback, user_data,
realm_join_as_owner);
if (g_str_equal (type, "ccache")) {
g_debug ("Using a kerberos credential cache to join the realm");
contents = g_variant_new_from_data (G_VARIANT_TYPE ("ay"),
g_bytes_get_data (credentials, NULL),
g_bytes_get_size (credentials),
TRUE, (GDestroyNotify)g_bytes_unref, credentials);
} else if (g_str_equal (type, "password")) {
g_debug ("Using a user/password to join the realm");
contents = g_variant_new ("(ss)", login, password);
} else {
g_assert_not_reached ();
}
creds = g_variant_new ("(ssv)", type, owner, contents);
option = g_variant_new ("{sv}", "manage-system", g_variant_new_boolean (FALSE));
options = g_variant_new_array (G_VARIANT_TYPE ("{sv}"), &option, 1);
g_debug ("Calling the Join() method with %s credentials", owner);
um_realm_kerberos_membership_call_join (membership, creds, options,
cancellable, on_realm_join_complete,
g_object_ref (async));
g_object_unref (async);
g_object_unref (membership);
return TRUE;
}
